DownUnderCTF : write-up
Recently I participated in DownUnderCTF. I really enjoyed this CTF.
So here is how I solved some of the challenges.
1. Leggos
So first I opened the given URL.
When I tried to view the page source I encountered an error that we can show in the above image.
So next thing I did was to send a CURL request.
So we can see one javascript file. “disableMouseRightClick.js”
So I thought let me check this js file.
Yaaaaas, we got our first FLAG.
Flag: DUCTF{n0_k37chup_ju57_54uc3_r4w_54uc3_9873984579843}
So on the CTF website’s home page, we can found their twitter handle.
Yas, we found the tweet which contains a flag but it looks like it’s encoded.
So at first look I know it’s base64 so I decode it online.
YAAAAAS, we got 2nd flag.
Flag: DUCTF{https://www.youtube.com/watch?v=XfR9iY5y94s}
Welcome!
So once we connect via ssh we see a screen something like this,
After looking in the screen for a few times I got a flag.
Flag : DUCTF{w3lc0m3_t0_DUCTF_h4v3_fun!}
16 Home Runs
As we see, we have been given one string. and by looking it we can say it’s a simple base64 encoded string so I decode it online.
Flag : DUCTF{16_h0m3_run5_m34n5_runn1n6_p457_64_b4535}
In a pickle
So when we download this “data” file and opened it in a simple text editor we can see it’s some kind of text data.
as a challenge name suggest “pickle” it’s a pickle file so I used python’s pickle module to solve it.
So it’s giving us some numbers, so collected all numbers and convert it in character via python code.
Yeeeeeeeeeees, we found the flag.
Flag: DUCTF{p1ckl3_y0uR_m3554g3}
Pretty Good Pitfall
So this was a new challenge for me.
So did some google search for .gpg file. and I found that in kali Linux we have an inbuilt gpg module.
So in the help, we can see -d for decrypt. so I used -d to solve this.
Yesssssssssss, we got Flag.
Flag: DUCTF{S1GN1NG_A1NT_3NCRYPT10N}
I really enjoyed this CTF.
Feel free to give feedback.
